<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
<head> 
  <title>Book List</title>
  <link rel="stylesheet" type="text/css" href="../style.css" />
  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
</head> 

<body>

<?php

include("dbInfo.inc");

// functions called below
function print_form() {
    $time time();
    echo <<<END
        <form action="$_SERVER[PHP_SELF]" method="post">

    <h2 class="center">Book Entry Screen</h2>
    <hr />


        <input type="hidden" name="Time" value="$time">
         <p><center><br />
           Author (LastName, FirstName):<br />
        <input type="text" name="author" size="40">

        <br /><br /><b>Title</b><br />
        <input type="text" name="title" size="60">
        <br /><b>Year: </b><br />
        <input type="text" name="year" size="4">
      <br /><br />

        <input type="hidden" name="stage" value="process">
        <input type="submit" value="Submit">
        </form>
END;
}

function process_form() {

    $author $_POST['author'];
    $title $_POST['title'];
    $year $_POST['year'];

    try {
    $conn = new PDO("mysql:host=mysql.truman.edu;dbname=agarvey""agarvey""Shower@spring17");
   // $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODEPDO::ERRMODE_EXCEPTION);

    // prepare sql and bind parameters
    $stmt $conn->prepare("INSERT INTO books (author, title, year)
    VALUES (:author, :title, :year)");
    $stmt->bindParam(':author'$author);
    $stmt->bindParam(':title'$title);
    $stmt->bindParam(':year'$year);

    $stmt->execute();
}
catch(PDOException $e)
    {
    echo "Error: " $e->getMessage();
    }

// end the DB connection.
$conn null;
    
print "<h3>Success!!!</h3>";

print "<br />Thank you for entering a book.";

print "<br />To see all reports, <a href=\"bookTable.php?sortby=author\">click here</a>.";

}


if (isset($_POST['stage']) && ('process' == $_POST['stage'])) {
    process_form();
} else {
    print_form();
}

?>

</body>
</html>